At 2Way, we take your security seriously. Our platform is built with advanced security protocols to safeguard your data and ensure secure interactions at all times. Below are the core security features and measures that make 2Way a trusted platform:
GDPR Compliance
2Way operates in full compliance with the General Data Protection Regulation (GDPR). While we act as a data processor, supporting our B2B clients (the data controllers), we ensure that all data processing activities meet the privacy rights of individuals. This includes supporting our clients with tools to manage data subject requests, such as the right to access and delete data.
AWS Cloud Infrastructure
We utilize Amazon Web Services (AWS) to host and manage our platform, ensuring reliable, secure, and scalable operations. Our infrastructure includes:
· Amazon RDS: Secure and automated database backups with high availability.
· Amazon EC2: Scalable computing power to handle fluctuating workloads.
· Amazon S3: Secure, durable storage for files and data, with encryption for data both at rest and in transit.
By leveraging AWS’s industry-leading security and privacy protocols, we ensure end-to-end encryption and maintain 99.99% uptime with robust disaster recovery options.
Key Security Features
· HSTS (HTTP Strict Transport Security): Enforces secure connections to protect against potential man-in-the-middle attacks.
· SQL Injection & XSS Protection: We protect your data from malicious attacks using advanced filtering and validation techniques.
· Session Hijacking & Fixation Protection: Protects session integrity, ensuring unauthorized users can’t hijack active sessions.
· Input Filtering & Validation: We sanitize and validate all inputs, ensuring consistent data integrity and security.
· Strong Bcrypt Encrypted Passwords: Your passwords are encrypted using bcrypt, offering strong protection against brute-force attacks.
· Role-Based Access Control (RBAC): Granular permission settings ensure only authorized users have access to sensitive data and controls.
· Multi-Factor Authentication (MFA): Adds an extra layer of security by requiring two forms of authentication for critical actions.
· Encrypted Communication (SSL/TLS): All communications between clients and servers are fully encrypted, ensuring data security in transit.
· Regular Backups: Automated daily backups using Amazon RDS keep your data protected and easily restorable in case of accidental loss or corruption. · Disaster Recovery: We have a detailed disaster recovery plan in place, allowing us to restore operations and minimize downtime in case of failure.
· Data Security & Isolation: Each client’s data is isolated using unique identifiers, ensuring that no cross-access occurs between different clients.
At 2Way, we continually update our security practices to stay ahead of evolving threats, ensuring that your data and platform interactions remain protected at all times.